Commit 3cbb8142 authored by Yusei Tahara's avatar Yusei Tahara

Use standard_b64encode, standard_b64decode instead of encodestring, decodestring.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@23339 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 869098a4
...@@ -34,7 +34,7 @@ ATTEMPT_NONE = 0 # No attempt at authentication ...@@ -34,7 +34,7 @@ ATTEMPT_NONE = 0 # No attempt at authentication
ATTEMPT_LOGIN = 1 # Attempt to log in ATTEMPT_LOGIN = 1 # Attempt to log in
ATTEMPT_RESUME = 2 # Attempt to resume session ATTEMPT_RESUME = 2 # Attempt to resume session
from base64 import encodestring, decodestring from base64 import standard_b64encode, standard_b64decode
from DateTime import DateTime from DateTime import DateTime
class PatchedCookieCrumbler(CookieCrumbler): class PatchedCookieCrumbler(CookieCrumbler):
...@@ -99,8 +99,7 @@ def modifyRequest(self, req, resp): ...@@ -99,8 +99,7 @@ def modifyRequest(self, req, resp):
attempt = ATTEMPT_LOGIN attempt = ATTEMPT_LOGIN
name = req[self.name_cookie] name = req[self.name_cookie]
pw = req[self.pw_cookie] pw = req[self.pw_cookie]
#ac = encodestring('%s:%s' % (name, pw)).rstrip() => changed for remove all newlines ac = standard_b64encode('%s:%s' % (name, pw))
ac = encodestring('%s:%s' % (name, pw)).replace('\012','')
self._setAuthHeader(ac, req, resp) self._setAuthHeader(ac, req, resp)
if req.get(self.persist_cookie, 0): if req.get(self.persist_cookie, 0):
# Persist the user name (but not the pw or session) # Persist the user name (but not the pw or session)
...@@ -124,7 +123,7 @@ def modifyRequest(self, req, resp): ...@@ -124,7 +123,7 @@ def modifyRequest(self, req, resp):
ac = unquote(req[self.auth_cookie]) ac = unquote(req[self.auth_cookie])
if ac and ac != 'deleted': if ac and ac != 'deleted':
try: try:
decodestring(ac) standard_b64decode(ac)
except: except:
# Not a valid auth header. # Not a valid auth header.
pass pass
...@@ -144,8 +143,7 @@ CookieCrumbler.modifyRequest = modifyRequest ...@@ -144,8 +143,7 @@ CookieCrumbler.modifyRequest = modifyRequest
def credentialsChanged(self, user, name, pw): def credentialsChanged(self, user, name, pw):
#ac = encodestring('%s:%s' % (name, pw)).rstrip() => changed for remove all newlines ac = standard_b64encode('%s:%s' % (name, pw))
ac = encodestring('%s:%s' % (name, pw)).replace('\012','')
method = self.getCookieMethod( 'setAuthCookie' method = self.getCookieMethod( 'setAuthCookie'
, self.defaultSetAuthCookie ) , self.defaultSetAuthCookie )
resp = self.REQUEST['RESPONSE'] resp = self.REQUEST['RESPONSE']
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment